Hi,

Yes, I like GL2. RC1 has a lot of good functions. Saved searches - very good option. Saves a lot of time and minimizes bookmarking and notepad'ing :) Alerts are back! This is very cool.

My several remarks about the released GL2 RC1:

- add stream rule popup "field" could have autocomplete="off". Currently the history of this field and the real field names overlap, and in some cases it might be hard to see the real field names. (http://dimka.ee/foo/add_stream_rule_01.png)
- sorting of a stream's triggered alerts is wrong. The initial look is correct, but after clicking the "Triggered" column name the sorting is messed up. (http://dimka.ee/foo/alert_time_sort_01.png)
- integer value format is not user-friendly. In my case integer 40075854 is displayed as 4.0075854E7. (http://dimka.ee/foo/numeric_field_bignumber_02.png)
- integers (bytes size in my case) have ".0" appended to values, but in the logs there is no ".0" (http://dimka.ee/foo/numeric_field_format_01.png)
- main admin user cannot set streams or dashboards as a start page. (http://dimka.ee/foo/set_dashboard_as_start_page_01.png)
- each stream could have custom column settings (like in v 0.12). Timestamp is mandatory (always displayed), but for all other fields, even "Message", "source" or "full_message", it should be possible not to display them to the user. We have several streams for non-IT people where we want to show only a couple of specific fields like time-date, URI, byte size and username.
- custom column view in main search is reset after a new search. Also the order of checkboxed columns is not the same order in which I check the fields. If I check user, uri, method, status - then the columns could appear in the same order.
- quick value breakdown is currently limited to 50 terms. This could also be somehow configurable. E.g. in some cases we need to find all unique usernames or URIs, not just the top 50.
- alert message format could be configurable. This is just my opinion ;)
- imho, in streams there should be a possibility to alert if a certain field contains some string (or regex). E.g. I have a stream for all proxy logs; instead of building a new stream I'd prefer to set an alert in the proxy stream for uri_field="some_string_is_here".
- imho, stream alerts could work in this way: if a user accesses facebook at nighttime and then within 5 minutes (or less/more) twitter, then fire an alert. This might also help to find non-human activities in different logs. E.g. a user physically cannot log in to a webshop, add several products to the basket, enter a shipping address and log out - during 5 seconds. Such activity is definitely done by some robots or scripts, which in some cases must be investigated.

regards,

On Tuesday, January 14, 2014 11:38:04 PM UTC+2, lennart wrote:
>
> We finally released v0.20.0-rc.1 last night. Find the announcement
> with changes since preview.8 and a lot of screenshots here:
>
> http://blog.torch.sh/graylog2-v0-20-0-rc-1-has-been-released/
>
> We hope you like it!
>
> Thank you very much,
> Lennart (on behalf of the whole TORCH team)
>
